darkcomet | 2f86db7106f852e5f02043136c7160989d6c817eed76000a253ad75cc7cfcf8c | Triage

Sharing

General

Target

JaffaCakes118_87d508a22f47c97a5b2ec61236f99b00
Size

745KB
Sample

250323-w9mkjsvly4
MD5

87d508a22f47c97a5b2ec61236f99b00
SHA1

9bb0875720b1e722f10dd2c0ff79bef8b49cb84a
SHA256

2f86db7106f852e5f02043136c7160989d6c817eed76000a253ad75cc7cfcf8c
SHA512

797263419b5ea8ec65b723812252267141b36b59cedf0b3259690b3848767650b3b354541fa746c3639c400b02459d87bf7b1762c8c58679a3fec0594015f688
SSDEEP

12288:c6A84PaHhfD/tV9sj5NKR0pau9XGyu2qBVGLQyTPfh:xAmBpVKHu0Mu9Xo20VGLVP5

Score

10^/10

darkcomet test discovery rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

test

C2

127.0.0.1:1604

Mutex

DC_MUTEX-7GHRCRH

Attributes

gencode
VKLv�aC*TpMc
install
false
offline_keylogger
false
persistence
false

rc4.plain

Targets

- Target
  
  JaffaCakes118_87d508a22f47c97a5b2ec61236f99b00
- Size
  
  745KB
- MD5
  
  87d508a22f47c97a5b2ec61236f99b00
- SHA1
  
  9bb0875720b1e722f10dd2c0ff79bef8b49cb84a
- SHA256
  
  2f86db7106f852e5f02043136c7160989d6c817eed76000a253ad75cc7cfcf8c
- SHA512
  
  797263419b5ea8ec65b723812252267141b36b59cedf0b3259690b3848767650b3b354541fa746c3639c400b02459d87bf7b1762c8c58679a3fec0594015f688
- SSDEEP
  
  12288:c6A84PaHhfD/tV9sj5NKR0pau9XGyu2qBVGLQyTPfh:xAmBpVKHu0Mu9Xo20VGLVP5
Score

10^/10

darkcomet test discovery rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Darkcomet family
  darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcomettestdiscoveryrattrojan

behavioral2

darkcomettestdiscoveryrattrojan